Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 42 Next »

The article instructs on adding cloud accounts to Cloudaware using APIs. Cloudaware uses the OAuth standard to identify users who send requests to Cloudaware API. A current user should get a specific token to add or see accounts depending on their permissions.

Get OAuth token


1. Log in to your Cloudaware account → Admin.

adding cloud accounts - admin.png

2. Select OAuth on the left → +Create New Token Create Token.

adding cloud accounts - oauth - create token 1.pngadding cloud accounts - oauth - create token 2.png

You may be redirected to an intermediate force.com page to grant access to CloudAware OAuth2. Click Allow.

3. Click Copy To Clipboard to copy and save the token.

adding cloud accounts - oauth - copy token.png

4. Click Got It, Сlose Window to proceed.

adding cloud accounts - oauth - token copied.png

5. Check the list of tokens counts. 

adding cloud accounts - oauth - token use count.png

You can have only 4 (four) active tokens at a time! The column 'Use Count' shows the number of times the token has been used.


6. Note that if a token has been compromised, it must be revoked: click triple dots → RevokeYes, Revoke.

adding cloud accounts - oauth - revoke token.png

7. Click +Create New Token to get a new token if necessary.

adding cloud accounts - oauth - create new token.png

8. If you have IP restrictions in your environment, edit OAuth policies settings as shown in the tip below.

 IP Relaxation Tip

8.1. Log in to your Cloudaware account → Setup:

adding cloud accounts - setup.png

8.2. Type Apps in the Search bar → Connected Apps → Manage Connected Apps → click on the Cloudaware OAuth2 app:

adding cloud accounts - oauth - connected apps - select the app.png

Click Edit Policies:

adding aws accs - oauth - the app - edit policies.png

8.3. Select 'Relax IP restrictions' in 'IP Relaxation':

adding aws accs - oauth - the app - relax ip restrictions.png

Click Save.

Get API key


The API key is required for performing requests to Cloudaware API.


1. Create a Google Cloud Project account.


2. Submit an access request to support@cloudaware.com providing the full e-mail of the associated Google Cloud Project account.


3. Activate access to Cloudaware API using API Manager. Go to https://console.cloud.google.com → open a navigation menu (hamburger button) → select 'APIs & Services' in the menu on the left.

adding AWS accounts - get API key - APIs and services menu.pngadding AWS accounts - get API key - library.png

Select 'Library' → filter by Private.

adding AWS accounts - get API key - private APIs.png


4. Select external.endpoints.cloudaware-vm.cloud.googEnable.

adding AWS accounts - get API key - select API.pngadding AWS accounts - get API key - enable.png

5. Go back to 'APIs & Services' → Credentials → Create credentials → API Key.

adding AWS accounts - get API key - create credentials.pngadding AWS accounts - get API key - select API key.png


6. Copy the API Key to the clipboard:

adding AWS accounts - get API key - copy the key.png

Setup in API Explorer


The Google APIs Explorer allows customers to explore and test APIs. Below is an example of adding AWS accounts to Cloudaware using public APIs:


1. Go to Google APIs Explorer using this link.
2. Click on a gear button. Select 'Set API key / OAuth 2.0 Client ID':

adding AWS accounts - APIs explorer - gear icon.png

Insert API key and OAuth 2.0 token. Click Save.

adding AWS accounts - API explorer - insert key and token.png

3. Go to Services → External API v1 → select external.amazon.account.create

adding AWS accounts - API explorer - select the API.png

4. Fill out the form:

adding AWS accounts - APIs explorer - form.png

WHERE
token - insert the OAuth token generated before. Select fields in ‘Request body’ to make it look like below:

sandbox - select ‘true’ if your Salesforce org is a sandbox, otherwise select ‘false’

Request body - select properties successively as role, trustedAccount, accountId, externalId, usages, name

{
  "role": 
  {
    "trustedAccount": 
    {
      "accountId": ""
    },
    "externalId": ""
  },
  "usages": 
  [
  ],
  "name": ""
}

5. Click Authorize and Execute. 

List of APIs

external.amazon.accounts.create
external.amazon.accounts.list
external.amazon.accounts.remove
external.amazon.accounts.update
external.applications.batch.upsert
external.applications.list
external.applications.remove
external.applications.tiers.remove
external.azure.activeDirectories.create
external.azure.activeDirectories.list
external.azure.activeDirectories.remove
external.azure.activeDirectories.update
external.azure.applications.list
external.azure.applications.remove
external.azure.applications.update
external.azure.subscriptions.create
external.azure.subscriptions.list
external.azure.subscriptions.remove
external.azure.subscriptions.update
external.compliance.policies.executeTests
external.compliance.policies.generate
external.compliance.schema.list
external.compliance.types.filter
external.compliance.types.get
external.compliance.types.list
external.incidents.create
external.newRelic.accounts.create
external.newRelic.accounts.getAll
external.newRelic.accounts.remove
external.newRelic.accounts.rotateApiKey
external.newRelic.accounts.update
external.session.create
external.tunhub.tunnels.getAll
external.tunhub.tunnels.routes.getAll
external.tunhub.tunnels.swapChannels
external.tunhub.tunnels.update

  • No labels